Dept. of Homeland Security Science & Technology Directorate
DHS S&T Cyber Security Division (CSD) Overview
AIMS-3 Workshop, February 9-11, 2011, UCSD
Edward Rhyne, Program Manager, Cyber Security Division
Homeland Security Advanced Research Projects Agency (HSARPA)
edward.rhyne@dhs.gov, 202-254-6121

2004-2010 S&T Mission
Conduct, stimulate, and enable research, development, test, evaluation and timely transition of homeland security capabilities to federal, state and local operational end-users.
9 February 2011

DHS S&T Mission
Strengthen America’s security and resiliency by providing knowledge products and innovative technology solutions for the Homeland Security Enterprise

S&T Goals

DHS S&T CSD Team
Division Director: Douglas Maughan
Program Managers: Luke Berndt, Shane Cullen, Karyn Higa-Smith, Edward Rhyne, Gregory Wigton
SETA Staff: Amelia Brown, Kyshina Chandler, Shari Clayman, Tammi Fisher, Jeri Hessman, Megan Mahle, Jennifer Mekis, Michael Reagan, Elizabeth Reuss
Contact us: SandT-Cyber@hq.dhs.gov

A Roadmap for Cybersecurity Research
http://www.cyber.st.dhs.gov
• Scalable Trustworthy Systems
• Enterprise Level Metrics
• System Evaluation Lifecycle
• Combatting Insider Threats
• Combatting Malware and Botnets
• Global-Scale Identity Management
• Survivability of Time-Critical Systems
• Situational Understanding and Attack Attribution
• Information Provenance
• Privacy-Aware Security
• Usable Security

DHS S&T Roadmap Content
• What is the problem being addressed?
• What are the potential threats?
• Who are the potential beneficiaries? What are their respective needs?
• What is the current state of practice?
• What is the status of current research?
• What are the research gaps?
• What challenges must be addressed?
• What resources are needed?
• How do we test & evaluate solutions?
• What are the measures of success?

R&D Execution Model
[Diagram. Labels recoverable from the slide:]
• Pre R&D: Workshops; CIP Sector Roadmaps; Solicitation Preparation; R&D Coordination – Government & Industry; National Documents; Prioritized Requirements
• R&D: SBIRs; BAAs; SPRI; DNSSEC; CI / KR – Energy, B&F, O&G; HOST; Education / Competitions; Cyber Forensics
• Supporting Programs: DETER; PREDICT
• Post R&D: Experiments and Exercises; Outreach – Venture Community & Industry
• Customers: NCSD; NCS; USSS; Critical Infrastructure Providers; Other Sectors (e.g., Banking & Finance)

Cyber Security Program Areas
• Internet Infrastructure Security
• Critical Infrastructure / Key Resources (CI/KR)
• National Research Infrastructure
• Cyber Forensics
• Homeland Open Security Technology (HOST)
• Identity Management / Data Privacy
• Internet Measurement and Attack Modeling
• Software Assurance - Tools and Infrastructure
• Next Generation Technologies
• Exp Deployments, Outreach, Education/Competitions
• Comp. National Cybersecurity Initiative (CNCI)
• Small Business Innovative Research (SBIR)

Internet Measurement / Attack Modeling
This TTA will yield technologies for the protection of key infrastructure via development of, and integration between, reliable capabilities such as:
(1) Geographic mapping of Internet resources (e.g., IPv4 or IPv6 addresses, hosts, routers, DNS servers, either wired or wireless) to GPS-compatible locations (latitude/longitude).
(2) Logically and/or physically connected maps of Internet resources (IP addresses, hosts, routers, DNS servers and possibly other wired or wireless devices).
(3) Detailed maps depicting ISP peering relationships, and matching IP address interfaces to physical routers.

Internet Measurement / Attack Modeling
(4) Monitoring and archiving of BGP route information.
(5) Development of systems achieving improvement to the security and resiliency of our nation’s cyber infrastructure.
(6) Monitoring and measurement applied to detection and mitigation of attacks on routing infrastructure, and supporting the development and deployment of secure routing protocols.
(7) Monitoring and measurement contributing to understanding of Domain Name System (DNS) behavior, both in terms of its changing role in distributed Internet-scale malware activities, such as botnets, and DNS’s behavior as a system under change through DNSSEC and other potential changes affecting the root level.

RouteViews Data in Real-Time
• You can receive updates and routing tables in real-time
• Updates: 129.82.138.26 TCP port 50001
• Tables: 129.82.138.26 TCP port 50002
• http://bgpmon.netsec.colostate.edu

AMITE: New Results and Conclusions
• IP hitlist evaluation
• address visualization improvements
• AS-to-org. mapping
http://www.isi.edu/ant/

DHS S&T BAA
• Industry Day – Nov 17, 2010: https://www.fbo.gov/index?s=opportunity&mode=form&id=3459d2180c7625e61fff3e2764b7f78d&tab=core&_cview=0
• Over 675 attendees
• BAA 11-02 posted Wed. Jan. 26: https://www.fbo.gov/index?s=opportunity&mode=form&id=6ab2a491c47ca628d3feb0f54ecee7be&tab=core&_cview=1
• https://baa2.st.dhs.gov – Site for registration and submission of white papers and proposals
http://www.cyber.st.dhs.gov

DHS S&T BAA Schedule
• White Paper Registration – Feb 14, 2011
• White Papers – Due March 1, 2011
• Proposal Notification – April 12, 2011
• Full Proposals – Due May 26, 2011
• Funding Notification – July 18, 2011
• Contract Awards NLT Oct 31, 2011

BAA 11-02 Technical Topic Areas (TTAs)
• TTA-1 Software Assurance: DHS, FSSCC
• TTA-2 Enterprise-level Security Metrics: DHS, FSSCC
• TTA-3 Usable Security: DHS, FSSCC
• TTA-4 Insider Threat: DHS, FSSCC
• TTA-5 Resilient Systems and Networks: DHS, FSSCC
• TTA-6 Modeling of Internet Attacks: DHS
• TTA-7 Network Mapping and Measurement: DHS
• TTA-8 Incident Response Communities: DHS
• TTA-9 Cyber Economics: CNCI
• TTA-10 Digital Provenance: CNCI
• TTA-11 Hardware-enabled Trust: CNCI
• TTA-12 Moving Target Defense: CNCI
• TTA-13 Nature-inspired Cyber Health: CNCI
• TTA-14 Software Assurance MarketPlace (SWAMP): S&T

Summary
• DHS S&T continues with an aggressive cyber security research agenda
• Working with the community to solve the cyber security problems of our current (and future) infrastructure
• Outreach to communities outside of the Federal government, i.e., building public-private partnerships is essential
• Working with academe and industry to improve research tools and datasets
• Looking at future R&D agendas with the most impact for the nation, including education
• Need to continue strong emphasis on technology transfer and experimental deployments

Edward Rhyne, Program Manager, Cyber Security Division
Homeland Security Advanced Research Projects Agency (HSARPA)
edward.rhyne@dhs.gov, 202-254-6121
For more information, visit http://www.cyber.st.dhs.gov